View Single Post
  #1   (View Single Post)  
Old 3rd November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,503
Default Thousands of WordPress sites commandeered by Black Hole

From http://www.theregister.co.uk/2011/11...ss_compromise/

Quote:
Mass attacks that exploit a known vulnerability in the WordPress publishing platform have continued to bear fruit for hackers, with thousands of websites claimed in the past few weeks, a researcher said.

The security bug, in a widely used image resizing utility known as TimThumb, allows attackers to seize control of WordPress websites, one of the victims warned nine weeks ago. A few days later, a security researcher found almost 4,400 WordPress sites had been commandeered in an attack that poisoned Google Image results with sites that attempted to trick users into installing counterfeit antivirus software. He speculated the cause was the same TimThumb exploit.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote